Total
322 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-2652 | 1 V4l2loopback Project | 1 V4l2loopback | 2024-02-04 | N/A | 6.0 MEDIUM |
Depending on the way the format strings in the card label are crafted it's possible to leak kernel stack memory. There is also the possibility for DoS due to the v4l2loopback kernel module crashing when providing the card label on request (reproduce e.g. with many %s modifiers in a row). | |||||
CVE-2022-35880 | 1 Goabode | 1 Iota All-in-one Security Kit Firmware | 2024-02-04 | N/A | 8.8 HIGH |
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicious UPnP service to trigger these vulnerabilities.This vulnerability arises from format string injection via `NewInternalClient` XML tag, as used within the `DoUpdateUPnPbyService` action handler. | |||||
CVE-2022-26393 | 1 Baxter | 8 Baxter Spectrum Iq 35700bax3, Baxter Spectrum Iq 35700bax3 Firmware, Sigma Spectrum 35700bax and 5 more | 2024-02-04 | N/A | 8.1 HIGH |
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information or cause a Denial of Service (DoS) on the WBM. | |||||
CVE-2022-35884 | 1 Goabode | 1 Iota All-in-one Security Kit Firmware | 2024-02-04 | N/A | 8.8 HIGH |
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability arises from format string injection via the `ssid_hex` HTTP parameter, as used within the `/action/wirelessConnect` handler. | |||||
CVE-2022-35874 | 1 Goabode | 1 Iota All-in-one Security Kit Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a configuration value and then execute an XCMD to trigger these vulnerabilities.This vulnerability arises from format string injection via the `ssid` and `ssid_hex` configuration parameters, as used within the `testWifiAP` XCMD handler | |||||
CVE-2022-35879 | 1 Goabode | 1 Iota All-in-one Security Kit Firmware | 2024-02-04 | N/A | 8.8 HIGH |
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicious UPnP service to trigger these vulnerabilities.This vulnerability arises from format string injection via `controlURL` XML tag, as used within the `DoUpdateUPnPbyService` action handler. | |||||
CVE-2022-33938 | 1 Goabode | 2 Iota All-in-one Security Kit, Iota All-in-one Security Kit Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
A format string injection vulnerability exists in the ghome_process_control_packet functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted XCMD can lead to memory corruption, information disclosure and denial of service. An attacker can send a malicious XML payload to trigger this vulnerability. | |||||
CVE-2022-3023 | 1 Pingcap | 1 Tidb | 2024-02-04 | N/A | 9.8 CRITICAL |
Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3. | |||||
CVE-2022-22299 | 1 Fortinet | 4 Fortiadc, Fortimail, Fortios and 1 more | 2024-02-04 | N/A | 7.8 HIGH |
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments. | |||||
CVE-2021-41193 | 1 Wire | 1 Wire-audio Video Signaling | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
wire-avs is the audio visual signaling (AVS) component of Wire, an open-source messenger. A remote format string vulnerability in versions prior to 7.1.12 allows an attacker to cause a denial of service or possibly execute arbitrary code. The issue has been fixed in wire-avs 7.1.12. There are currently no known workarounds. | |||||
CVE-2022-27177 | 1 Netflix | 1 Consoleme | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
A Python format string issue leading to information disclosure and potentially remote code execution in ConsoleMe for all versions prior to 1.2.2 | |||||
CVE-2022-1215 | 1 Freedesktop | 1 Libinput | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
A format string vulnerability was found in libinput | |||||
CVE-2022-31753 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability. | |||||
CVE-2022-24051 | 2 Fedoraproject, Mariadb | 2 Fedora, Mariadb | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193. | |||||
CVE-2022-26674 | 1 Asus | 2 Rt-ax88u, Rt-ax88u Firmware | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker to write to arbitrary memory address and perform remote arbitrary code execution, arbitrary system operation or disrupt service. | |||||
CVE-2021-42911 | 1 Draytek | 6 Vigor2960, Vigor2960 Firmware, Vigor300b and 3 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
A Format String vulnerability exists in DrayTek Vigor 2960 <= 1.5.1.3, DrayTek Vigor 3900 <= 1.5.1.3, and DrayTek Vigor 300B <= 1.5.1.3 in the mainfunction.cgi file via a crafted HTTP message containing malformed QUERY STRING, which could let a remote malicious user execute arbitrary code. | |||||
CVE-2021-37735 | 2 Arubanetworks, Siemens | 3 Aruba Instant, Scalance W1750d, Scalance W1750d Firmware | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
A remote denial of service vulnerability was discovered in Aruba Instant version(s): Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba Instant 8.5.x.x: 8.5.0.10 and below; Aruba Instant 8.6.x.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. | |||||
CVE-2021-43041 | 1 Kaseya | 1 Unitrends Backup | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP request could induce a format string vulnerability in the privileged vaultServer application. | |||||
CVE-2021-36161 | 1 Apache | 1 Dubbo | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Some component in Dubbo will try to print the formated string of the input arguments, which will possibly cause RCE for a maliciously customized bean with special toString method. In the latest version, we fix the toString call in timeout, cache and some other places. Fixed in Apache Dubbo 2.7.13 | |||||
CVE-2021-20307 | 3 Debian, Fedoraproject, Libpano13 Project | 3 Debian Linux, Fedora, Libpano13 | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to read and write arbitrary memory values. |